lib/vector: fix potential buffer overflow (OSGeo#4149)

neteler · Aug 8, 2024 · c132d68 · c132d68
1 parent fa781d7
commit c132d68
Showing 1 changed file with 12 additions and 2 deletions.
diff --git a/lib/vector/diglib/frmt.c b/lib/vector/diglib/frmt.c
@@ -19,6 +19,7 @@
 
 #include <grass/vector.h>
 #include <grass/glocale.h>
+#include <grass/gis.h>
 
 /*!
    \brief Read external vector format file
@@ -34,6 +35,7 @@ int dig_read_frmt_ascii(FILE *dascii, struct Format_info *finfo)
     char buff[2001], buf1[2001];
     char *ptr;
     int frmt = -1;
+    size_t len;
 
     G_debug(3, "dig_read_frmt_ascii()");
 
@@ -46,7 +48,11 @@ int dig_read_frmt_ascii(FILE *dascii, struct Format_info *finfo)
             return -1;
         }
 
-        strcpy(buf1, buff);
+        len = G_strlcpy(buf1, buff, sizeof(buf1));
+        if (len >= sizeof(buf1)) {
+            G_warning(_("Line <%s> is too long"), buff);
+            return -1;
+        }
         buf1[ptr - buff] = '\0';
 
         ptr++; /* Search for the start of text */
@@ -98,7 +104,11 @@ int dig_read_frmt_ascii(FILE *dascii, struct Format_info *finfo)
             continue;
         }
 
-        strcpy(buf1, buff);
+        len = G_strlcpy(buf1, buff, sizeof(buf1));
+        if (len >= sizeof(buf1)) {
+            G_warning(_("Line <%s> is too long"), buff);
+            return -1;
+        }
         buf1[ptr - buff] = '\0';
 
         ptr++; /* Search for the start of text */